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Amendments to the Claims 

Please amend claims 1 and 4-8, without prejudice. 
Please cancel claims 9-20, without prejudice. 
Please add new claims 21-34. 

This listing of claims will replace all prior versions, and listings of claims in the 
application: 

Listing of Claims: 

1. (Currently Amended) A method of managing a switch, comprising: 

Installing the providing a switch having a plurality of processor 
elements (PEs), each of the plurality of PEs running a network operating 
system (NOS), the NOS allowing the switch to create discrete customized 
services for customers of a service provider operating the switch by 
providing each customer with a customized configuration of service object 
groups ; 

installing an operating system on each processor element; 

creating a system virtual router on [[one]] a first PE of the plurality 
of PEs processor elements , wherein creating [[a]] the system virtual router 
includes establishing a global object manager associated with the NOS of 
the first PE on one of the plurality of processor elements , the global object 
manager being responsible for managing global object groups and global 
object configurations ; and 

configuring the plurality of PEs the processor elements from the 
system virtual router, wherein configuring includes establishing, via the 
global object manager, a local object manager on each of the PEs 
processor element , wherein the local object manager for a given PE of the 
plurality of PEs manages objects local to each processor element the given 
PE and transfers messages between objects on the given PE processor 
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element and between objects on the given PE and objects on other PEs of 
the plurality of PEs processor elements . 

2. (Original) An article comprising a computer readable medium having 
instructions thereon, wherein the instructions, when executed in a computer, 
create a system for executing the method of claim 1 . 

3. (Cancelled) 

4. (Currently Amended) The method of claim 1, wherein said configuring the 
processor elements PEs of the plurality of PEs includes creating a customer 
virtual router from selected PEs processor elements on multiple blades of the 
switch, wherein creating a customer virtual router includes: 

establishing a virtual private network (VPN) associated with a 
customer; 

adding the customer virtual router to a list of virtual routers 
associated with the VPN virtual private network ; and 

creating an object associated with the customer virtual router on 
each of the selected PEs processor elements . 

5. (Currently Amended) The method of claim 1, wherein said configuring the 
processor elements the plurality of PEs includes: 

adding new PEs processor elements ; and 
using a distributed management layer to group PEs processor 
elements into at least one virtual router, wherein grouping includes 
assigning a group identifier to selected objects in each PE processor 
element such that the selected objects can be addressed as a group. 

6. (Currently Amended) The method of claim 5, wherein using a distributed 
management layer to group processor elements into at least one virtual router 
includes: 

requesting the global object manager to create a virtual router from 
a group of PEs processor elements ; 
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requesting one or more of the local object managers to group the 

group of PEs processor elements ; 

activating PEs processor elements of the group; and 
generating a status message that the at least one virtual router is 

created. 

7. (Currently Amended) The method of claim 6, wherein said activating PEs 
processor elements of the group includes causing changing a state machine for a 
PE of the PEs of the group processor element to enter an active state. 

8. (Currently Amended) The method of claim 5, wherein said using a distributed 
management layer to group PEs processor elements includes adding object 
identifiers to a global object database. 

9-20. (Cancelled) 

21. (New) The method of claim 1, wherein the customized configuration of service 
object groups associated with a first customer represent network resources of the 
switch sufficient to provide the first customer with network-based managed 
firewall services. 

22. (New) The method of claim 21, wherein the customized configuration of 
service object groups associated with the first customer further represent 
network resources of the switch sufficient to provide the first customer with 
virtual private network (VPN) services. 

23. (New) The method of claim 21, wherein the customized configuration of 
service object groups associated with a second customer represent network 
resources of the switch sufficient to provide the second customer with network- 
based managed firewall services. 

24. (New) The method of claim 23, wherein the customized configuration of 
service object groups associated with the second customer further represent 
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network resources of the switch sufficient to provide the second customer with 
virtual private network (VPN) services. 

25. (New) A method comprising: 

providing a switch having a plurality of processor elements (PEs), 
each of the plurality of PEs running a network operating system (NOS); 

creating discrete customized services for each customer of a 
service provider operating the switch by providing each customer with a 
customized configuration of service object groups; and 

configuring and managing the service object groups by 

establishing a global object manager associated with the 
NOS of a first PE of the plurality of PEs, the global object manager 
being responsible for managing a global object database, global 
object groups and global object configurations; 

establishing, via the global object manager, a local object 
manager on each of the plurality of PEs; and 

each of the local object managers managing objects local to 
the corresponding PE of the plurality of PEs, including establishing 
object channels between objects residing in local and remote 
address spaces via connection end points supported by the NOS, 
each object channel representing a point-to-point asynchronous 
communications channel between a first object and a second object 
onto which services can be pushed. 

26. (New) The method of claim 25, further comprising configuring the plurality of 
PEs by 

creating a customer virtual router from selected PEs of the plurality 
of PEs on multiple blades of the switch; 

establishing a virtual private network (VPN) associated with a 
customer; 



- 10- 



Appl. No. 09/663,483 

Amdt. Dated November 6, 2006 

Reply to Office Action of July 6, 2006 

adding the customer virtual router to a list of virtual routers 
associated with the VPN; and 

creating an object associated with the customer virtual router on 
each of the selected PEs. 

27. (New) The method of claim 26, wherein said configuring the plurality of PEs 
includes: 

adding new PEs; and 

using a distributed messaging layer of the NOS to group PEs into 
at least one virtual router, wherein grouping includes allowing selected 
objects in each PE to be addressed as a group by assigning a group 
identifier to the selected objects. 

28. (New) The method of claim 27, wherein said using a distributed messaging 
layer of the NOS to group PEs into at least one virtual router includes: 

requesting the global object manager to create a virtual router from 
a group of PEs; 

requesting one or more of the local object managers to group the 
group of PEs; 

activating PEs of the group; and 

generating a status message that the at least one virtual router is 
created. 

29. (New) The method of claim 27, wherein said using a distributed messaging 
layer of the NOS to group PEs includes adding object identifiers to the global 
object database. 

30. (New) The method of claim 26, wherein the customized configuration of 
service object groups associated with a first customer represent network 
resources of the switch sufficient to provide the first customer with network- 
based managed firewall services. 
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31. (New) The method of claim 26, wherein the customized configuration of 
service object groups associated with the first customer further represent 
network resources of the switch sufficient to provide the first customer with 
virtual private network (VPN) services. 

32. (New) The method of claim 30, wherein the customized configuration of 
service object groups associated with a second customer represent network 
resources of the switch sufficient to provide the second customer with network- 
based managed firewall services. 

33. (New) The method of claim 31, wherein the customized configuration of 
service object groups associated with the second customer further represent 
network resources of the switch sufficient to provide the second customer with 
virtual private network (VPN) services. 

34. (New) An article of manufacture comprising a computer-readable medium 
having instructions stored thereon, which when executed by one or more 
processors, cause the method of claim 26 to be performed. 



